using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.Mvc;

namespace OA.UI
{
    public class SecurityCheck : ActionFilterAttribute
    {
        private bool checkip=true;
        private bool checkoutpost = true;
        public SecurityCheck()
        {
        }

        /// <param name="checkip">是否检查IP黑名单</param>
        /// <param name="checkoutpost">是否检查外部提交</param>
        public SecurityCheck(bool checkip, bool checkoutpost)
        {
            this.checkip = checkip;
            this.checkoutpost = checkoutpost;
        }

       public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (checkip && BLL.SystemConfig.LoadConfig().Feature.IsOpenIPBlackWhite)
            {
                if (new BLL.IPBlackWhite().IsAllowVisit(Common.Utils.FormatIP(filterContext.HttpContext.Request.UserHostAddress)) == false)
                {
                    var Response = filterContext.HttpContext.Response;
                    var url = new UrlHelper(filterContext.RequestContext).Action("Error", "Home",
                        new { Title = "禁止访问", Message = "您的IP地址已经被列为了黑名单。" });
                    filterContext.Result = new RedirectResult(url);
                }
            }
            else if (checkoutpost)
            {
                if (Common.DTRequest.IsPost() && Common.DTRequest.IsLocalReferrer() == false && filterContext.HttpContext.Request.UserAgent != "Shockwave Flash") //禁止从站外提交数据.
                {
                    var Response = filterContext.HttpContext.Response;
                    var url = new UrlHelper(filterContext.RequestContext).Action("Error", "Home",
                        new { Title = "非法访问", Message = "禁止从站外提交数据<br/>请匆尝试任何黑客攻击。" });
                    filterContext.Result = new RedirectResult(url);
                }
            }
            base.OnActionExecuting(filterContext);
        }
    }
}
